Isn't it possible to create a cookie or add an url parameter after the logout, so the
user is not logged in automatically?
It's crucial for us to be able to log in as a different user, otherwise we can not use
kerberos at all :(
Michael
Am 22. Juli 2015 um 23:06 schrieb Marek Posolda <mposolda(a)redhat.com>:
I don't think it's doable. Kerberos is kind of desktop login and logout from the
web application won't destroy the kerberos ticket - similarly like it can't logout
your laptop/desktop session. So when you visit the secured application next time, you are
automatically logged into Keycloak through SPNEGO due to the Kerberos ticket.
Hence you need to remove kerberos ticket manually (For example "kdestroy" works
on Linux, but I guess you're using Windows + ActiveDirectory? ) and then you will be
able to see keycloak login screen and login as different user.
Marek
On 22.7.2015 15:38, Michael Gerber wrote:
Hi all,
I use LDAP with Kerberos and would like to logout and login again with a different user
(no kerberos login, just keycloak username and password dialog).
Is that possible?
cheers
Michael
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user